| OLD | NEW |
|---|
| (Empty) | |
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #include "components/certificate_transparency/log_proof_fetcher.h" |
| 6 |
| 7 #include <string> |
| 8 |
| 9 #include "components/safe_json/testing_json_parser.h" |
| 10 #include "net/base/network_delegate.h" |
| 11 #include "net/cert/signed_tree_head.h" |
| 12 #include "net/test/ct_test_util.h" |
| 13 #include "net/url_request/url_request_context.h" |
| 14 #include "net/url_request/url_request_filter.h" |
| 15 #include "net/url_request/url_request_interceptor.h" |
| 16 #include "net/url_request/url_request_job.h" |
| 17 #include "net/url_request/url_request_test_job.h" |
| 18 #include "net/url_request/url_request_test_util.h" |
| 19 |
| 20 #include "testing/gtest/include/gtest/gtest.h" |
| 21 |
| 22 namespace certificate_transparency { |
| 23 |
| 24 namespace { |
| 25 |
| 26 const char kGetSTHHeaders[] = |
| 27 "HTTP/1.1 200 OK\0" |
| 28 "Content-Type: application/json; charset=ISO-8859-1\0" |
| 29 "\0"; |
| 30 |
| 31 const char kLogSchema[] = "https"; |
| 32 const char kLogURL[] = "ct.log.example.com"; |
| 33 |
| 34 std::string GetLogID() { |
| 35 return std::string("some_id"); |
| 36 } |
| 37 |
| 38 class GetSTHResponseHandler : public net::URLRequestInterceptor { |
| 39 public: |
| 40 GetSTHResponseHandler(const std::string& headers, |
| 41 const std::string& get_sth_data) |
| 42 : headers_(headers), sth_data_(get_sth_data) {} |
| 43 ~GetSTHResponseHandler() override {} |
| 44 |
| 45 // URLRequestInterceptor implementation: |
| 46 net::URLRequestJob* MaybeInterceptRequest( |
| 47 net::URLRequest* request, |
| 48 net::NetworkDelegate* network_delegate) const override { |
| 49 return new net::URLRequestTestJob(request, network_delegate, headers_, |
| 50 sth_data_, true); |
| 51 } |
| 52 |
| 53 private: |
| 54 std::string headers_; |
| 55 const std::string& sth_data_; |
| 56 |
| 57 DISALLOW_COPY_AND_ASSIGN(GetSTHResponseHandler); |
| 58 }; |
| 59 |
| 60 class LogProofFetcherTest : public ::testing::Test { |
| 61 public: |
| 62 LogProofFetcherTest() |
| 63 : context_(true), |
| 64 log_url_(std::string(kLogSchema) + "://" + std::string(kLogURL) + "/") { |
| 65 context_.Init(); |
| 66 } |
| 67 |
| 68 void SetUp() override { |
| 69 scoped_ptr<GetSTHResponseHandler> handler( |
| 70 new GetSTHResponseHandler(kGetSTHHeaders, sth_json_reply_data_)); |
| 71 |
| 72 net::URLRequestFilter::GetInstance()->AddHostnameInterceptor( |
| 73 kLogSchema, kLogURL, handler.Pass()); |
| 74 |
| 75 fetcher_.reset(new LogProofFetcher(&context_)); |
| 76 } |
| 77 |
| 78 void TearDown() override { |
| 79 net::URLRequestFilter::GetInstance()->RemoveHostnameHandler(kLogSchema, |
| 80 kLogURL); |
| 81 } |
| 82 |
| 83 protected: |
| 84 base::MessageLoopForIO message_loop_; |
| 85 net::TestURLRequestContext context_; |
| 86 safe_json::TestingJsonParser::ScopedFactoryOverride factory_override_; |
| 87 scoped_ptr<LogProofFetcher> fetcher_; |
| 88 std::string sth_json_reply_data_; |
| 89 GURL log_url_; |
| 90 }; |
| 91 |
| 92 class RecordFetchCallbackInvocations { |
| 93 public: |
| 94 RecordFetchCallbackInvocations() : invoked_(false), failed_(false) {} |
| 95 |
| 96 virtual void STHFetched(const std::string& log_id, |
| 97 const net::ct::SignedTreeHead& sth) { |
| 98 invoked_ = true; |
| 99 } |
| 100 |
| 101 void FetchingFailed(const std::string& log_id, |
| 102 const std::string& error_string) { |
| 103 invoked_ = true; |
| 104 failed_ = true; |
| 105 } |
| 106 |
| 107 bool invoked() { return invoked_; } |
| 108 |
| 109 bool failed() { return failed_; } |
| 110 |
| 111 private: |
| 112 bool invoked_; |
| 113 bool failed_; |
| 114 }; |
| 115 |
| 116 class ExpectedSuccessCallback : public RecordFetchCallbackInvocations { |
| 117 public: |
| 118 ExpectedSuccessCallback(const net::ct::SignedTreeHead& sth) |
| 119 : known_sth_(sth) {} |
| 120 |
| 121 void STHFetched(const std::string& log_id, |
| 122 const net::ct::SignedTreeHead& sth) override { |
| 123 ASSERT_EQ(GetLogID(), log_id); |
| 124 ASSERT_EQ(sth.version, known_sth_.version); |
| 125 ASSERT_EQ(sth.timestamp, known_sth_.timestamp); |
| 126 ASSERT_EQ(sth.tree_size, known_sth_.tree_size); |
| 127 ASSERT_STREQ(sth.sha256_root_hash, known_sth_.sha256_root_hash); |
| 128 ASSERT_EQ(sth.signature.hash_algorithm, |
| 129 known_sth_.signature.hash_algorithm); |
| 130 ASSERT_EQ(sth.signature.signature_algorithm, |
| 131 known_sth_.signature.signature_algorithm); |
| 132 ASSERT_EQ(sth.signature.signature_data, |
| 133 known_sth_.signature.signature_data); |
| 134 |
| 135 RecordFetchCallbackInvocations::STHFetched(log_id, sth); |
| 136 } |
| 137 |
| 138 private: |
| 139 net::ct::SignedTreeHead known_sth_; |
| 140 }; |
| 141 |
| 142 TEST_F(LogProofFetcherTest, TestValidGetSTHReply) { |
| 143 sth_json_reply_data_ = net::ct::GetSampleSTHAsJson(); |
| 144 |
| 145 net::ct::SignedTreeHead valid_sth; |
| 146 net::ct::GetSampleSignedTreeHead(&valid_sth); |
| 147 ExpectedSuccessCallback cb(valid_sth); |
| 148 |
| 149 fetcher_->FetchSTH( |
| 150 log_url_, GetLogID(), |
| 151 base::Bind(&ExpectedSuccessCallback::STHFetched, base::Unretained(&cb)), |
| 152 base::Bind(&ExpectedSuccessCallback::FetchingFailed, |
| 153 base::Unretained(&cb))); |
| 154 message_loop_.RunUntilIdle(); |
| 155 |
| 156 ASSERT_TRUE(cb.invoked()); |
| 157 ASSERT_FALSE(cb.failed()); |
| 158 } |
| 159 |
| 160 TEST_F(LogProofFetcherTest, TestInvalidGetSTHReplyIncompleteSTH) { |
| 161 RecordFetchCallbackInvocations cb; |
| 162 sth_json_reply_data_ = net::ct::CreateSignedTreeHeadJsonString( |
| 163 21 /* tree_size */, 123456u /* timestamp */, std::string(""), |
| 164 std::string("")); |
| 165 |
| 166 fetcher_->FetchSTH(log_url_, GetLogID(), |
| 167 base::Bind(&RecordFetchCallbackInvocations::STHFetched, |
| 168 base::Unretained(&cb)), |
| 169 base::Bind(&RecordFetchCallbackInvocations::FetchingFailed, |
| 170 base::Unretained(&cb))); |
| 171 message_loop_.RunUntilIdle(); |
| 172 |
| 173 ASSERT_TRUE(cb.invoked()); |
| 174 ASSERT_TRUE(cb.failed()); |
| 175 } |
| 176 |
| 177 TEST_F(LogProofFetcherTest, TestInvalidGetSTHReplyInvalidJSON) { |
| 178 RecordFetchCallbackInvocations cb; |
| 179 sth_json_reply_data_ = "{\"tree_size\":21,\"timestamp\":}"; |
| 180 |
| 181 fetcher_->FetchSTH(log_url_, GetLogID(), |
| 182 base::Bind(&RecordFetchCallbackInvocations::STHFetched, |
| 183 base::Unretained(&cb)), |
| 184 base::Bind(&RecordFetchCallbackInvocations::FetchingFailed, |
| 185 base::Unretained(&cb))); |
| 186 message_loop_.RunUntilIdle(); |
| 187 |
| 188 ASSERT_TRUE(cb.invoked()); |
| 189 ASSERT_TRUE(cb.failed()); |
| 190 } |
| 191 |
| 192 } // namespace |
| 193 |
| 194 } // namespace certificate_transparency |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1222953002:
Certificate Transparency: Add STH Fetching capability. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master